http: guard against response splitting in trailers

Commit 3c293ba2 ("http: protect against response splitting attacks") filters out newline characters from HTTP headers but forgot to apply the same logic to trailing HTTP headers, i.e., headers that come after the response body. This commit rectifies that.

The expected security impact is low because approximately no one uses trailing headers. Some HTTP clients can't even parse them.

R=@ChALkeR

CI: https://ci.nodejs.org/job/node-test-pull-request/338/
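The filtering described above, as an added example that is not Node.js core code or part of this commit: a sketch of serializing trailers after the last chunk of a chunked response, with and without newline stripping. The function names and the sample trailer are assumptions made for illustration.

```javascript
'use strict';
// Added illustration; not Node.js core code. All function names are hypothetical.

// Remove CR and LF so a value cannot terminate its own field line.
function stripNewlines(value) {
  return String(value).replace(/[\r\n]/g, '');
}

// Serialize the zero-length last chunk followed by the trailer fields.
// sanitize=false models trailers written without the newline filter.
function serializeTrailers(trailers, sanitize = true) {
  let out = '0\r\n';
  for (const [name, value] of Object.entries(trailers)) {
    const n = sanitize ? stripNewlines(name) : name;
    const v = sanitize ? stripNewlines(value) : value;
    out += `${n}: ${v}\r\n`;
  }
  return out + '\r\n'; // empty line ends the trailer section
}

// Count the trailer field lines a receiver would parse from the wire bytes.
function countFieldLines(wire) {
  return wire.split('\r\n').slice(1).filter((line) => line.length > 0).length;
}

// Constructed sample: one trailer whose value carries an embedded CRLF.
const sample = { 'Content-MD5': 'abc123\r\nX-Injected: 1' };

// Compare how many field lines reach the wire in each mode.
function demo() {
  return {
    unfiltered: countFieldLines(serializeTrailers(sample, false)),
    filtered: countFieldLines(serializeTrailers(sample, true)),
  };
}

console.log(demo());
```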
